Re: U.S. Council for International Business Comments on the DG Information Society Working Document, “The processing of personal data and the protection of privacy in the electronic communications sector”

To Whom It May Concern:

The U.S. Council for International Business (“USCIB”) submits the following comments on the DG Information Society Working Document entitled, “{t}he processing of personal data and the protection of privacy in the electronic communications sector.” The USCIB supports the efforts of the European Commission to revise the regulatory framework for the communications sector in Europe, as our comments of February 15, 2000 noted.[1] However, the USCIB does not support a revision of Directive 97/66/EC (the “Directive”) concerning data privacy in the telecommunications sector at this time for the following reasons:

Industry has not had adequate time to effectively consider and provide comment on the proposed revisions. The 1999 Communications Review consultative document[2]
raised the proposal to revise the existing Directive only very briefly, with no specific recommendations. Only recently has the Commission announced the sweeping breadth of its proposed changes: to extend a regulatory structure designed a decade ago for traditional circuit switched telephone networks to all forms of new and emerging electronic communications, including the Internet. Such a decision should not be taken without a full understanding of its likely impacts on all interested marketplace participants. The USCIB therefore urges the Commission to forbear from extending regulation in such wholesale fashion until all affected parties have been given sufficient time to assess the implications of such an important step.

Agreement on the proposed revisions will take time, and will inevitably slow down the 1999 Communications Review as a whole. A review of the Directive of the breadth and scope proposed in the Working Document will take considerable time and effort, and agreement will not likely be reached in the brief period of time envisioned by the Commission for conclusion of the Communications Review. Thus, consideration of these revisions will inevitably slow down the Communications Review as a whole.

Review of the Directive is premature because the general data privacy directive 95/46/EC (Framework Directive) and the Directive are only now just being implemented in most Member States. For example, in the U.K., the Data Protection Act of 1998 and the Telecommunications Data Protection & Privacy Regulations only came into force on 1 March 2000 following delays, and there have been similar delays in many Member States. In fact, the Commission has recently instituted actions against five member states for failure to implement the Framework Directive.

With only a cursory review, our members have raised the following substantive concerns with the Working Document and its proposed revisions to the Directive:

Among the proposed revisions to the Directive are some that could prove inconsistent with the Safe Harbor arrangement and other existing directives. The Safe Harbor negotiations are hopefully nearing a successful conclusion. Any conflict with the Safe Harbor arrangement would seriously hinder transatlantic commerce. Moreover, provisions of the proposed revisions to the Directive are inconsistent with the recently approved Directive on Certain Legal Aspects of Electronic Commerce and the Framework Directive.

The proposed extension of application of the Directive is unnecessary given general application of the Framework Directive. The draft proposal is problematic in that it begins to extend a regulatory framework for data protection and privacy on a subsector (telecommunications network operators, network service providers and ISPs) of the value chain for information society services. Moreover, the proposed revisions may undermine the E.U.'s objective of achieving a competitive information economy. The existing Framework Directive is comprehensive and clearly addresses privacy issues relating to electronic commerce and the Internet, achieving a better balance between consumer empowerment and industry responsibility.

The two data privacy directives should be reviewed at the same time: The Framework Directive has a built-in review mechanism as set forth in Art. 33, which is slated to take place in 2001. The Review of the Framework Directive will broadly incorporate views of all interested parties related to the E.U.'s regulatory framework for privacy and data protection. Therefore, review of the telecommunications-specific data privacy directive should be undertaken at the same time as part of a coordinated process so as to more efficiently and thoroughly address the issues, and to avoid duplicative efforts and ensure consistency.

For the foregoing reasons, the USCIB does not support consideration of the proposed revisions to the Directive at this time. We recommend that the review of the Directive be undertaken simultaneously with the review of the Framework Directive using an open, consultative process that allows the maximum number of stakeholders possible to participate and provide input in a timely fashion.

Sincerely,

Thomas M.T. Niles

Cc: Mr. Erkki Liikanen

Mr. Robert Verrue

Mr. John Mogg

Ms. Erika Mann

Mr. Robert LaRussa

Mr. Gregory Rohde

Mr. Donald Abelson

[1] The USCIB filed comments in the 1999 Communications Review commending the Commission’s efforts to revise the regulatory framework for the communications sector in Europe. See “United States Council for International Business Response to ‘Towards a New Framework for Electronic Communications Infrastructure and Associated Services: The 1999 Communications Review.'"

[1] Communication from the Commission to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions, “Towards a New Framework for Electronic Communications Infrastructure and Associated Services: The 1999 Communications Review,” COM (1999) 539 final.